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DETAILED ACTION 
Continued Examination Under 37 CFR LI 14 
A request for continued examination under 37 CFR 1.114, including the fee set forth in 
37 CFR 1 . 1 7(e), was filed in this application after final rejection. Since this application is 
eligible for continued examination under 37 CFR 1.114, and the fee set forth in 37 CFR 1 . 1 7(e) 
has been timely paid, the finality of the previous Office action has been withdrawn pursuant to 
37 CFR 1.114. Applicant's submission filed on 01/29/07 has been entered. 



Response to Arguments 

Applicant's arguments filed 01/29/07 have been fully considered. 

Applicant argued that ElGamal does not teach the limitation wherein the server cannot 
feasibly determine the client secret and the third secret. The reference Spelman teaches the 
limitation as shown in the new rejection below. 

Claim Rejections - 35 USC §103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

Claims 1-2, 4-7, 9-11, 14-18, 31, 38-41, and 43-48, are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Jones (5,623,637) in view of the article by Spelman et al. (5,638,445). 
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In reference to claims 1, 38, and 47, Jones discloses a multi -party system with a remote 
computer (server) and a host personal computer (client). The system of Jones after 
authenticating, provides to the client by the device the encrypted secrets (column 8 lines 2-67 in 
combination with column 9 lines 22-36). The encrypted secrets are capable of being decrypted 
using a decryption key derived from the third secret (column 9 lines 20-36). The multi-party 
secure computation protocol implemented between the client and the server is the only multi- 
party computation protocol that is implemented in generating the third secret and the decryption 
key derived from the third secret (Fig. 3). 

Although Jones discloses a method of key distribution, Jones does not disclose a protocol 
wherein the client has a client secret and the server has a server secret used to compute a third 
secret form the client and server secret and the server cannot feasibly determine the client secret 
and cannot feasibly determine the third secret. 

Spelman teaches a method for blind encryption (title). Spelman a protocol wherein the 
client (merchant) has a client secret (GSO) and the server (merchant acquirer) has a server secret 
(PI) used to compute a third secret (C[GSO]kl; D[PI]k2; E[kl,...]R; E[k2,.. .]R) from the client 
and server secret, wherein the protocol is implemented so that the client obtains the third secret 
(Fig. 1 arrow with data point to part 20) and cannot feasibly determine the server secret (PI is 
encrypted by k2 which is encrypted by the recryptor's key R), and the server cannot feasibly 
determine the client secret (GSO is encrypted by kl which is encrypted by the recryptor's key 
and is not sent to the merchant acquirer) and cannot feasibly determine the third secret (the 
merchant acquirer only has access the PI which is encrypted using k2 that the merchant acquirer 
has access to). 
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At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use the blinding encryption system of Spelman in the system of Jones. One of 
ordinary skill in the art would have been motivated to do this because blind encryption is used to 
protect against snooping by the service (column 1 lines 34-36). 

In reference to claim 4, wherein the client secret comprises at least one of a PIN, a 
password, and biometric information (column 8 lines 52-67). 

In reference to claim 9, wherein the authenticating step comprises authenticating the 
client based on at least one of a PIN, a password, and biometric information (column 8 lines 52- 
67). 

In reference to claims 10, wherein authenticating comprises authenticating the client 
based on a secret other than the first secret (column 8 lines 52-67). 

In reference to claim 43 Spelman discloses a system wherein at the client, using the client 
secret to compute client information and then sending the client information to the server; at the 
server, using the client information and the server secret to compute intermediate data and 
sending the intermediate data to the client; and at the client, deriving the third secret from the 
intermediate data (Fig. 1). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use the blinding encryption system of Spelman in the system of Jones. One of 
ordinary skill in the art would have been motivated to do this because blind encryption is used to 
protect against snooping by the service (column 1 lines 34-36). 
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In reference to claims 2, 41, and 4Swherein the third secret is derived from the 
intermediate data by use of one of a key derivation function and a hash function. The 
polynomial is the key derivation function (Fig. 1). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use the blinding encryption system of Spelman in the system of Jones. One of 
ordinary skill in the art would have been motivated to do this because blind encryption is used to 
protect against snooping by the service (column 1 lines 34-36). 

In reference to claims 11 wherein authenticating comprises using an authentication secret 
derived from the third secret (column 9 lines 1-21). 

In reference to claim 14, wherein the encrypted secrets comprise a private key of a 
public/private key pair used for asymmetric cryptography (Fig. 3). 

In reference to claim 15, wherein the encrypted secrets comprise a signature key used for 
creating a digital signature. 

Jones does not expressly disclose encrypted secrets comprise a signature key used for 
creating a digital signature. 

However Spelman discloses the key distribution for creating digital signatures (column 5 
lines 55-62). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use the blinding encryption system of Spelman in the system of Jones. One of 
ordinary skill in the art would have been motivated to do this because blind encryption is used to 
protect against snooping by the service (column 1 lines 34-36). 
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In reference to claim 16, wherein authenticating comprises authenticating the client based 
on a secret other than the first secret,, so that the user provides different information to access the 
device and access the signature key column 9 lines 1-21. 

In reference to claim 1 7, The method of claim 1 wherein the encrypted secrets comprise a 
secret key used for symmetric cryptography (column 9 lines 49-60). 

In reference to claim 31 the method further comprising deriving the decryption key from 
the third secret; and decrypting the encrypted secrets using the decryption key (Fig. 1). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to use the blinding encryption system of Spelman in the system of Jones. One of 
ordinary skill in the art would have been motivated to do this because blind encryption is used to 
protect against snooping by the service (column 1 lines 34-36). 

In reference to claim 39, further comprising transmitting, to the first server by the 
network server, verification that the user has authenticated successfully. 

Although Jones discloses the authentication of the host (client) to the remote computer 
(server), Jones does not disclose transmitting, to the first server by the network server, 
verification that the user has authenticated successfully. At the time the invention was made, it 
would have been obvious to a person of ordinary skill in the art to send verification to the client 
from the server that is the network server. One of ordinary skill in the art would have been 
motivated to do this because in the case that the authentication is successful, the information 
would be sent to the host computer, however if authentication is not successful the host computer 
could use the verification transmission to make corrections and try again. 
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In reference to claim 40, wherein the network server is a web server and wherein the 
client is a web browser. The server of Jones is a server on the network, therefore a network 
server. The common use of the network described by Jones (Fig. 1) is for the internet, therefore 
the server would be a web server and the client a browser. 

In reference to claims 5 and 44, Jones does not disclose a blind function evaluation 
protocol used to derive the intermediate data from the secret data. 

Spelman discloses a merchant device deriving an intermediate message from a secret 
message sent by the consumer. The merchant device uses blind encryption to determine the 
intermediate data (Fig. 1 in combination with column 6 lines 15-30). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to blind the secret data as disclosed by Spelman in the system disclosed Jones. 
One of ordinary skill in the art would have been motivated to do this because it would facilitate 
communication between devices in the case that the keys have not been exchanged yet. 

In reference to claims 6, wherein the security of the blind function evaluation protocol is 
based on the problem of extracting roots modulo a composite. 

Jones does not disclose the user of a blind function. 

Spelman discloses the user of a blind encryption function wherein the evaluation protocol 
is based on the problem of extracting roots modulo a composite (column 6 lines 3 1-44). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to blind the secret data as disclosed by Spelman in the system disclosed Jones. 
One of ordinary skill in the art would have been motivated to do this because it would facilitate 
communication between devices in the case that the keys have not been exchanged yet. 
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In reference to claims 7 and 45-46, wherein the security of the blind function evaluation 
protocol uses discrete logarithms. 

Jones does not disclose the user of a blind function. 

Spelman discloses the user of a blind encryption function wherein the evaluation protocol 
uses the discrete logarithm problem (column 6 lines 31-44). 

At the time the invention was made, it would have been obvious to a person of -ordinary 
skill in the art to blind the secret data as disclosed by Spelman in the system disclosed Jones. 
One of ordinary skill in the art would have been motivated to do this because it would facilitate 
communication between devices in the case that the keys have not been exchanged yet. 

In reference to claim 75, wherein the encrypted secrets comprise at least one unit of 
digital currency. 

Jones does not disclose the encrypted secrets comprising at least one unit of digital 
currency. 

Spelman discloses the data being sent from a merchant to a merchant acquirer, therefore 
the information includes digital currency with visa information (Fig. 1). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to send digital currency as suggested by Spelman in the system disclosed Jones. 
One of ordinary skill in the art would have been motivated to do this because communication of 
currency requires enhanced security to prevent theft. 

Claim 8 is rejected under 35 U.S.C. 103(a) as being unpatentable over Jones and 
Spelman in view of Schneier. 



Application/Control Number: 09/802,485 Page 9 

Art Unit: 2135 

In reference to claim 8, wherein the authenticating step comprises authenticating the 
client based on a time-dependent code. Jones and Spelman do not expressly disclose the client 
authenticating based on a time-dependent code. 

Schneier discloses the use of the timestamp during authentication (page 61). The 
information used during authentication is then time-dependent. 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to add a time stamp during authentication as in Schneier in the system disclosed by 
Jones. One of ordinary skill in the art would have been motivated to do this because the time 
stamp would prevent replay attacks. 

Claims 12-13 are rejected under 35 U.S.C. 103(a) as being unpatentable over Jones and 
Spelman as applied in claim 1 and further in view of Richard et al (5,922,074). 

In reference to claim 12 wherein the device comprises at least one of a file server, a 
directory server, a key server, a PDA, a mobile telephone, a smart card, and a desktop computer. 

Jones and Spelman do not expressly disclose the device comprising at least one of a file 
server, a directory server, a key server, a PDA, mobile telephone, a smart card, and a desktop 
computer. 

Richard discloses a system that includes a directory server from which the client 
authenticates to gain access (Fig. 2). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to authenticate the client to a directory server as in Richard in the system of Jones. 
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One of ordinary skill in the art would have been motivated to do this because the directory 
includes sensitive information that requires increased security. 

In reference to claim 13, wherein the device comprises at least one secure data store, the 
device-requiring authentication before allowing the client access to the data store. 

Although Jones discloses a system wherein the device requires authentication before 
allowing the client access to the data, Jones does not expressly discloses as system wherein the 
device comprises at least one secure data store. 

Richard discloses a system wherein the client authenticates itself to a server that stores 
information or services (column 6 lines 21-45). 

At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to authenticate the client to a server that stores information or services as in 
Richard in the system of Jones. One of ordinary skill in the art would have been motivated to do 
this because the directory includes sensitive information that requires increased security. 

Claims 19-20 are rejected under 35 U.S.C. 103(a) as being unpatentable over Jones and 
Elgamal as applied to claim 43 and further in view of Brunsting et al (6,505,164). 

In reference to claim 19, further comprising the step of verifying that the client has not 
exceeded a predetermined number of unsuccessful ,attempts to obtain the intermediate data. 

Jones and Elgamal do not disclose a system that maintains a count of the number of 
unsuccessful attempt to authenticate a system. 

Brunsting discloses a system that maintains a count of the number of unsuccessful 
attempts at accessing account information (Fig. 2). 
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At the time the invention was made, it would have been obvious to a person of ordinary 
skill in the art to maintain a count of the number of unsuccessful attempts as in Brunsting in the 
system of Jones. One of ordinary skill in the art would have been motivated to do this because it 
would increase security by monitoring the activity that may be malicious. 

In reference to claim 20, wherein the verifying step further comprises: transmitting a 
challenge code to the client; and receiving the result of a cryptographic operation using the 
challenge code as an input and using a cryptographic key derived from the encrypted secret 
(Jones Fig. 2). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paula W. Klimach whose telephone number is (571) 272-3854. 
The examiner can normally be reached on Mon to Thr 9:30 a.m to 5:30 p.m. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on (571) 272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-2 1 7-9 1 97 (Wfftfree). 
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